When one entity interacts with another, a process of verifying each other's identity typically takes place. In this way, one entity can be confident that the other entity is “who” it claims to be. For example, when a user wishes to access an email account, the email account verifies the identity of the user. The user provides a password, which the email account uses to verify the user's identity; if the identity is verified, the email account grants the user access.
Certificates, which typically include information provided by a user, may also be used to verify the identity of an entity. For example, when an authentication server proves its identity to an authenticating supplicant, the authentication server provides a certificate, complete with an encrypted digital signature of a trusted certificate authority. A certificate can be created by any machine; however, a certificate is typically perceived to be authentic when it is signed. The authenticity of the entity is then confirmed based on the certificate.